Malware
CannonDesign Experiences Devastating Avos Locker Ransomware Data Breach: Confirmed!
CannonDesign has confirmed a data breach resulting from an Ako’s Locker ransomware attack. The company has taken necessary measures to secure its systems and is working with law enforcement and cybersecurity experts to investigate the incident. Learn more about the breach and how CannonDesign is addressing the issue.
Imagine receiving a letter from your employer one day, informing you that your personal information has been stolen in a cyberattack. That’s precisely what happened to over 13,000 current and former employees of CannonDesign, a prestigious architectural, engineering, and consulting firm known for its work on high-profile projects across the United States.
In early 2023, hackers breached the company’s network and stole sensitive data, including names, addresses, social security numbers, and driver’s license numbers. The firm discovered the intrusion on January 25, 2023, but it took several months to complete the investigation and notify the affected individuals.
Now, you might be wondering: who would do such a thing, and why? The answer lies in the shady world of ransomware.
Enter Avos Locker
Although CannonDesign has not officially named those responsible for the attack, we’ve confirmed that it was the work of the Avos Locker ransomware group. In February 2023, the group claimed to hold 5.7 TB of stolen data from CannonDesign, including corporate and client files.
When their attempts to extort the architectural firm failed, the data found its way into the hands of Dunghill Leaks, a data leak site launched by the Dark Angels ransomware group. They published 2TB of the stolen data in September 2023, which allegedly included database dumps, project schematics, hiring documents, client details, marketing material, IT and infrastructure details, and quality assurance reports.
But it didn’t end there. In February 2024, the same dataset was published on hacker forums in the dark web, including ClubHydra, and part of it was even shared via torrent on Breached Forums in July 2024.
Despite the data being published online multiple times, the firm states it is not aware of any attempted misuse of the stolen information.
What now?
CannonDesign is offering 24-month credit monitoring through Experian to help mitigate the risks for those affected by the data breach. However, this comes with a significant delay, and it’s a stark reminder of how vulnerable even the most innovative and successful companies can be to cyberattacks.
It’s essential to stay informed and prepared in this constantly evolving digital landscape. That’s where we come in. Our IT Services can help you stay ahead of the curve and navigate the complex world of cybersecurity. We’ll provide you with the knowledge and tools you need to protect yourself and your organization from potential threats.
Don’t leave your security to chance. Reach out to us today and take the first step toward safeguarding your digital assets. And remember, always stay vigilant and keep coming back to learn more about the latest developments in cybersecurity.